Security Advisory

CVE-2019-5039

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-20 20:39:41

Last updated 2024-08-04 19:40:49

Assigner talos

State PUBLISHED

Description

An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a weave certificate to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗